Hostile JavaScript: Attacking and Defending the Browser
javascript security
by Todd Gardner
Sat, Apr 15, 2023
Room:
Garden Room
Time:
12:30
How much JavaScript is on your website? Do you know what it does? No really, have you looked at the code and seen what it does? Probably not.
JavaScript controls the client side environment, and we can use it to compromise users, consume resources, and steal data. Yet many websites continue to add scripts without review, audit, or thought.
Let's explore what JavaScript can do to a browser, the vectors that JavaScript can get added to websites, and how we can defend against JavaScript attacks.
About the Author
Todd Gardner is a software entrepreneur and developer who has built multiple profitable products. He pushes for simple tools, maintainable software, and balancing complexity with risk. He is the cofounder of TrackJS and Request Metrics, where he helps thousands of developers build faster and more reliable websites. He also produces the PubConf software comedy show.